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Amendments to the Drawings: 

In view of the Official Action's objection to the drawings as failing to include a legend 
identifying those figures as illustrating prior art, the attached replacement drawing sheets, which 
include FIGS. 1-3, 5 A and 5B, illustrate systems, apparatuses and methods in accordance with 
exemplary embodiments of the present invention. More particularly, FIGS. 1-3 illustrate various 
entities including, or optionally including, a security policy database with application instance 
identifiers identifying different security services. In addition, FIGS. 5 A and 5B reflect 
determining a security service, and processing a received IP packet according thereto (see blocks 
72, 74 and 86 of FIG. 5 A; and blocks 102 and 106 of FIG. 5B). 

Attachment: Replacement Sheets (FIGS. 1-3, 5A and 5B) 
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REMARKS 

This Amendment is being filed in response to the final Official Action of October 2, 
2006, and concurrent with a Request for Continued Examination (RCE). The final Official 
Action continues to reject all of the pending claims, namely Claims 1-20, under 35 U.S.C. § 
102(b) as being anticipated by U.S. Patent No. 6,330,562 to Boden et al. In addition, the Official 
Action continues to object to FIGS. 1-3, 5 A and 5B as failing to include a legend identifying 
those figures as illustrating prior art. In response thereto, Applicant has amended FIGS. 1-3, 5A 
and 5B to further clarify those figures as reflecting exemplary embodiments of the present 
invention. Applicant therefore respectfully submits that FIGS. 1-3, 5 A and 5B do not, in fact, 
illustrate prior art. As also explained below, Applicant respectfully submits that the claimed 
invention is patentably distinct from Boden, and accordingly, traverses the respective objection 
to the drawings and rejection of the claims. Nonetheless, Applicant has amended various ones of 
the claims to further clarify the claimed invention. In view of the amendments to the figures and 
the claims, and the remarks presented herein, Applicant respectfully requests reconsideration and 
allowance of all of the pending claims of the present application. 

A. The Drawings are Proper 

The Official Action objects to FIGS. 1-3, 5 A and 5B as failing to include a legend 
identifying those figures as illustrating prior art. In response, Applicant has amended FIGS. 1-3 
to reflect various entities including, or optionally including, a security policy database with 
application instance identifiers identifying different security services, in accordance with 
exemplary embodiments of the present invention. In addition, Applicant has amended FIGS. 5 A 
and 5B to reflect determining a security service, and processing a received IP packet according 
thereto (see blocks 72, 74 and 86 of FIG. 5 A; and blocks 102 and 106 of FIG. 5B). Support for 
these additions may be found in the specification at least at page 12, line 6 - page 13, line 2, and 
at page 13, line 13 - page 17, line 3. As such, Applicant respectfully submits that those figures 
clearly do not in fact illustrate prior art. Rather, FIGS. 1-3, 5A and 5B illustrate systems, 
apparatuses and methods in accordance with exemplary embodiments of the present invention. 
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Applicant therefore respectfully submits that FIGS. 1-3, 5A and 5B do not illustrate prior 
art, and that those figures appropriately do not include a legend identifying those figures as such. 
Thus, Applicant also respectfully submits that the objection to FIGS. 1-3, 5 A and 5B is 
overcome. 

B. The Claimed Invention is Patentable over Boden 

With respect to the rejection of Claims 1-20 as being anticipated by Boden, Applicant 
again notes that Boden discloses a system and method for managing security objects, including a 
data model for abstracting customer-defined VPN security policy information. As disclosed, 
such a model enables a VPN node (computer system existing in a Virtual Private Network) to 
gather policy configuration information for itself through a GUI or some distributed policy 
source. The VPN node can then store the policy configuration information in a system-defined 
database, and use the information to dynamically negotiate, create, delete, and maintain secure 
connections at the IP level with other VPN nodes. 

The present patent application is directed to systems and methods for providing a 
common layer for security services and cryptographic keys stored at a central location. 
Amended independent Claim 1, for example, recites a method including providing a plurality of 
security policies, each of which includes an application instance identifier associated with a 
security service, and at least two of the application instance identifiers are associated with 
different security services that operate according to different protocols. As also recited, the 
method further includes creating one or more security associations based upon the security 
service(s) associated with the application instance identifier(s) to thereby create a centralized key 
store including the security policies and security association(s). 

In contrast to amended independent Claim 1, Boden does not teach or suggest a 
centralized key store with security policies, each of which includes an application instance 
identifier associated with a security service, or one or more security associations created based 
upon security service(s) associated with the application instance identifierfsV As explained in 
response to the first Official Action, Boden does disclose abstracting information about 
connections in a VPN environment, such as between a system using TCP/IP and a system using 
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IPSec. Boden also discloses dynamically generating security policies (IPSec filter rules), such as 
to accommodate dynamically-assigned IP addresses. In no event, however, does Boden disclose 
applying a security service other than IPSec such that the security policies include application 
instance identifiers associated with security services. The claimed invention, on the other hand, 
recites a centralized key store including a plurality of security policies each of which includes an 
application instance identifier associated with a respective security service, at least two of the 
application instance identifiers being associated with different security services . 

In response to the foregoing, the final Official Action appears to equate application of 
different security policies within Boden as corresponding to different security services, even 
though Boden discloses IPSec as being implemented for the different security policies. In 
accordance with the present invention, on the other hand, IPSec is but one of a number of 
different security services that may be implemented using the claimed centralized key store. 
Thus, and in further contrast to amended independent Claim 1 , under no reasonable 
interpretation does Boden teach or suggest application instance identifiers associated with 
different security services that operate according to different protocols . Instead, Boden discloses 
different policies that all operate according to the same protocol, i.e., IPSec. 

Applicant therefore respectfully submits that amended independent Claim 1, and by 
dependency Claims 2-5, are patentably distinct from Boden. Applicant also respectfully submits 
that amended independent Claims 6, 1 1 and 16 recite subject matter similar to that of amended 
independent Claim 1, including the aforementioned centralized key store, and application 
instance identifiers associated with different security services that operate according to different 
protocols. Applicant therefore respectfully submits that amended independent Claims 6, 1 1 and 
16, and by dependency Claims 7-10, 12-15 and 17-20, are also patentably distinct from Boden 
for at least the reasons given above with respect to amended independent Claim 1 . 

For at least the foregoing reasons, Applicant respectfully submits that the rejection of 
Claims 1-20 as being anticipated by Boden is overcome. 
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CONCLUSION 



In view of the amendments to the drawings and claims, and the remarks presented above, 
Applicant respectfully submits that the present application is in condition for allowance. As 
such, the issuance of a Notice of Allowance is therefore respectfully requested. In order to 
expedite the examination of the present application, the Examiner is encouraged to contact 
Applicant's undersigned attorney in order to resolve any remaining issues. 

It is not believed that extensions of time or fees for net addition of claims are required, 
beyond those that may otherwise be provided for in documents accompanying this paper. 
However, in the event that additional extensions of time are necessary to allow consideration of 
this paper, such extensions are hereby petitioned under 37 CFR § 1.136(a), and any fee required 
therefore (including fees for net addition of claims) is hereby authorized to be charged to Deposit 
Account No. 16-0605. 
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